import/export to key3.db

I've tried generating public/private key sets in order to build self-signed certificates for securing VPN/IKEv2 sessions between Windows 7/8 systems and a Linux 7 firewall/authentication server.
I've noticed that when I try to "list" the pub/prv key via certutil, I get the following:
[root@69 ~]# certutil -K -d /etc/ipsec.d -k rsa -n ids4k00
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services"
certutil: problem listing keys: SEC_ERROR_UNRECOGNIZED_OID: Unrecognized Object Identifier.
[root@69 ~]# certutil -K -d /etc/ipsec.d
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services"
< 0> rsa ada9e1c8afb8f2586d412ed32c338654030ceb6b (orphan)
[root@69 ~]# certutil -K -d /etc/ipsec.d -k rsa
certutil: Checking token "NSS Certificate DB" in slot "NSS User Private Key and Certificate Services"
< 0> rsa ada9e1c8afb8f2586d412ed32c338654030ceb6b (orphan)
[root@69 ~]# man genpkey >> /work/openssl-genpkey-doc.txt

I've tried deleting and reinitializing the databases, but no joy.

openssl genpkey will also generate a pub/prv key set, but it outputs a .pem file.
Is there a utility that will allow me to import the .pem file into the key3.db?

Guy
